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MEMORANDUM FOR: 
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Under Secretary for Industry and Security 

Allen Crawley C^^^ 
Assistant Inspector General for Systems Acquisiti 
and IT Security 

Audit of Bureau of Industry and Security's Continuous Monitoring 
Strategy and Practices 




As part of our fiscal year (FY) 2014 Federal Information Security Management Act of 2002 
(FISMA) review, OIG is initiating an audit of the Bureau of Industry and Security's continuous 
monitoring strategy and practices. The audit objective is to determine whether BIS' continuous 
monitoring strategy and practices, including ongoing security control assessments of its critical 
information systems, provide adequate information for authorizing officials to make proper risk- 
based decisions. 


We plan to begin this work immediately. We will contact your audit liaison to establish an 
entrance conference to discuss this audit. We will conduct our fieldwork at selected BIS and 
contractor sites. If you have any questions, please call me at (202) 482-1855 or Dr. Ping Sun at 
(202) 482-6121. 

cc: Simon Szykman, Chief Information Officer 

Rod Turk, Director, Office of Cyber Security, and Chief Information Security Officer 

Eddie Donnell, Acting Chief Information Officer, BIS 

Ida Mix, Acting Director of Budget, Planning, Assurance and Security, BIS 

Susan Schultz Searcy, Audit Liaison, Office of the Chief Information Officer 

Mark Crace, Audit Liaison, BIS 


